I need a simple way to intercept all HTTP requests from client Linux machine (Mint, Ubuntu, OpenSuse). I am using ZAP Attack Proxy. Configuring web browsers and client applications individually to use ZAP Attack as a proxy is not an option for me. Preferably it must capture all requests in a Fiddler-like manner, with no or minimum configuration.
How do I configure ZAP attack as a system-wide proxy?
Cant you set ZAP as a proxy in the global network settings?
That works for me on Fedora, I'm afraid I dont have a Mint/Ubuntu/OpenSuse system to try out, but this post implies its the same on Ubuntu: https://askubuntu.com/questions/664777/systemwide-proxy-settings-in-ubuntu
Related
I have been looking around to see if there is some simple, stand-alone(ish) agent/server setup that would allow a ping to be launched from a host with an agent on it. When I say "ping," I mean via icmp echo and/or tcp port check. I have Windows, Linux, and AIX systems that would get such an agent.
I would like to set up a central server with authentication that can issue pings from any device that has one of these agents. The primary use would be VPN testing, so that traffic can be initiated from a device that I don't necessarily have access to.
It seems that some monitoring software has this (e.g., Zabbix) but I don't want to go through the pain of installing a whole big piece of software like that just to get this functionality.
Almost all our AIX and Linux systems have perl installed, so that could be a nice option if I had to write my own. I would rather find something "tried-and-true" though...
I didn't realize that we already had SaltStack installed on almost all our servers (I'm a network guy, not a server guy). Once I talked to one of the server administrators, he showed me how this could be done using Salt.
I have set up an Google Cloud Compute Instance:
Machine type
n1-standard-1 (1 vCPU, 3.75 GB memory)
CPU platform
Intel Haswell
Zone
us-east1-c
I can ssh in using the external address.
I have installed the vncserver and can access it on port 5901 from localhost as well as the internal IP.
I am trying to access it from the static, external IP address but it is not working.
I have configured the firewall to open to port to 0.0.0.0/0, but it is not reachable.
Can anyone help?
------after further investigation from the tips from the two answers (thanks, both!), I have a partial answer:
The Google Cloud Compute instance was set, by default, to not allow
HTTP traffic. I reset the configuration to allow HTTP traffic. I
then tried the troubleshooting tip to run a small HTTP service in
python. I was able to get a ressponse from the service over the
internet.
The summary of the current situation is as follows:
The external IP address can be reached
It is enabled and working for SSH
It is enabled and working for HTTP
It does not seem to allow traffic from vncserver
Any idea how to configure the compute instance to allow for vncserver traffic?
If you already verified that Google Firewall or your VM are not blocking packets, you must make sure that VNC service is configured to listen on the external IP address.
You can always use a utility like nmap outside Google project to reveal information on the port status.
enable http/https traffic form the firewall as per the need. it will work!!
The Google Cloud Compute instance was set, by default, to not allow HTTP traffic. I reset the configuration to allow HTTP traffic. I then tried the troubleshooting tip to run a small HTTP service in python. I was able to get a response from the service over the internet.
As such, the original question is answered, I can access Google Cloud Compute Instance External IP. My wider issue is still not solved, but I will post a new, more specific question about this issue
TLDR: make sure you are requesting http not https
In my case i was following the link from my CE instance's External Ip property which takes you directly to the https version and i didn't set up https, so that was causing the 'site not found' error.
Create an entry in your local ssh config file as below with mentioned local forward port. In my case its an example of yarn's IP, which I want to access in browser.
Host hadoop
HostName <External-IP>
User <Local-machine-username>
IdentityFile ~/.ssh/<private-key-for-above-user>
LocalForward 8089 <Internal-IP>:8088
In addition to having the firewall rules to allow HTTP traffic in both Google Cloud Platform and within the OS of the instance, make sure you install a web server such as Apache or Nginx.
After installing the web server, you connect to the instance using SSH and verify you do not get a failed connection with the following command:
$ sudo wget http://localhost
If the connection is positive, it means that you can access your external URL:
http://<IP-EXTERNAL-VM>
Usually there are two main things to check.
1. Port
By default, only port 80, 443 and ICMP are exposed. If your server is running on a different port, create a record for the same.
2. Firewall
Make sure you are allowing http and https traffic based on your need.
oua re
For me the problem was that I set up the traffic for the firewall rule to be 'Egress' instead of 'Ingress'.
If anyone already initiated 'https'
just disable it and check again.
I'm new to the whole cloud concept.
I have set up a Windows VM with GCE, remote desktopped into it, installed Apache HTTPD and set the firewall rules, turning this Google GCE into a web server. I intend to install Perl, which is my primary programming language and isn't supported in App Engine.
I am looking for an alternative to my current hosting solution for better uptime and availability, or at least a fall-back service.
Is it recommended to use GCE in this way or am I barking up the wrong tree?
GCE is a very general solution, you can use your VM for whatever purpose you want. In particular GCE is recommended for all workloads that do not fit in the rather strict limitations of App Engine.
Having said that, web hosting was probably the first and main use case for GCE when it was being implemented. On top of having a single VM serving your traffic you can trivially scale your solution up by using load balancers and/or autoscaling. On top of that you can use a managed DB if your web server needs storage, etc. So the answer is, yes, GCE is definitely designed to be used as a web server.
My php application has to work over https. However phpstorm's build in web server does not serve https connections.
I even enabled two different built in web servers over ports 80 and 443, but https://localhost does not work while http://localhost works.
How to configure built in web server for https?
The PHP built-in webserver has zero support for SSL. There are a few ways to fake it, none of them good. The idea seems to be that a development server (which it is intended to be) has no need of SSL, but someone clearly overlooked the need to develop handling and the like for SSL based connections.
A simple example would be Wordpress running with the FORCE_SSL_ADMIN flag set to true.
If your development requires it I suggest installing a more robust webserver for your development.
Which is best tcp socket server to testing html5websocket? I developing a html5socket based client that will interact with tcp. So I want first a testing server. I am good in PHP but not in sockets programming. So I used PHPwebsocket downloaded from google code. I tried it using its own client and server for testing but it suddenly disconnects and not work as intended so is there any other socket server to test HTML5 websocket client? Which one is better, I can use a python based, or java based tcp server or if in PHP then that can be more convenient. And please tell me what else I need to test HTML5 websocket. I am newbie in sockets. So my concepts are not so clear.
thanks for any advise.
If you want to self host then:
pywebsocket - Python
jwebsocket - Java
jetty with WebSockets - Java
You could connect to the Pusher hosted WebSocket API to see if you can connect. More information on the endpoints and Pusher protocol here:
http://pusher.com/docs/pusher_protocol
You would need to sign up for a free Pusher sandbox account to do this though.
You say you want to "interact with tcp". Do you have specific protocols in mind? If using JMS, XMPP, or AMQP, the Kaazing WebSocket Gateway provides these industry standard APIs and protocols in the browser out-of-the-box. For example, using JMS, you can build pretty complex messaging applications without a single line of server-side code. Everything can run in the client (typically in JavaScript in the browser).
Here are some examples showcasing the power of extending rich business protocols all the way to the browser.
Also, the Kaazing gateway comes with free development license; fully functional server for up to 50 concurrent connections, no functionality or time restrictions.